Feat/CS-39612

.github/workflows/codeql-analysis.yml

@@ -34,7 +34,7 @@ jobs:
 
     steps:
     - name: Checkout repository
-      uses: actions/checkout@v3
+      uses: actions/checkout@v3.5.3
 
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL

.github/workflows/jira.yml

@@ -7,7 +7,7 @@ jobs:
     if: ${{ github.actor == 'dependabot[bot]' || github.actor == 'snyk-bot' || contains(github.event.pull_request.head.ref, 'snyk-fix-')  || contains(github.event.pull_request.head.ref, 'snyk-upgrade-')}}
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v3.5.3
       - name: Login into JIRA
         uses: atlassian/gajira-login@master
         env:

.github/workflows/release.yml

@@ -8,11 +8,11 @@ jobs:
   build:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
-      - uses: pnpm/action-setup@v2
+      - uses: actions/checkout@v3.5.3
+      - uses: pnpm/action-setup@v2.2.4
         with:
           version: 7
-      - uses: actions/setup-node@v1
+      - uses: actions/setup-node@v3.7.0
         with:
           node-version: '18.x'
           cache: 'pnpm'
@@ -32,7 +32,7 @@ jobs:
         working-directory: ./packages/contentstack-dev-dependencies
         run: npm run prepack
       - name: Publishing dev dependencies
-        uses: JS-DevTools/npm-publish@v1
+        uses: JS-DevTools/npm-publish@v2.2.1
         if: ${{ steps.dev-dependencies-installation.conclusion == 'success'  }}
         with:
           token: ${{ secrets.NPM_TOKEN }}
@@ -47,7 +47,7 @@ jobs:
         working-directory: ./packages/contentstack-utilities
         run: npm run prepack
       - name: Publishing utilities
-        uses: JS-DevTools/npm-publish@v1
+        uses: JS-DevTools/npm-publish@v2.2.1
         if: ${{ steps.utilities-installation.conclusion == 'success'  }}
         with:
           token: ${{ secrets.NPM_TOKEN }}
@@ -62,7 +62,7 @@ jobs:
         working-directory: ./packages/contentstack-command
         run: npm run prepack
       - name: Publishing command
-        uses: JS-DevTools/npm-publish@v1
+        uses: JS-DevTools/npm-publish@v2.2.1
         if: ${{ steps.command-installation.conclusion == 'success'  }}
         with:
           token: ${{ secrets.NPM_TOKEN }}
@@ -77,7 +77,7 @@ jobs:
         working-directory: ./packages/contentstack-config
         run: npm run prepack
       - name: Publishing config
-        uses: JS-DevTools/npm-publish@v1
+        uses: JS-DevTools/npm-publish@v2.2.1
         if: ${{ steps.config-installation.conclusion == 'success'  }}
         with:
           token: ${{ secrets.NPM_TOKEN }}
@@ -92,7 +92,7 @@ jobs:
         working-directory: ./packages/contentstack-auth
         run: npm run prepack
       - name: Publishing auth
-        uses: JS-DevTools/npm-publish@v1
+        uses: JS-DevTools/npm-publish@v2.2.1
         if: ${{ steps.auth-installation.conclusion == 'success'  }}
         with:
           token: ${{ secrets.NPM_TOKEN }}
@@ -103,7 +103,7 @@ jobs:
         working-directory: ./packages/contentstack-export
         run: npm install
       - name: Publishing export
-        uses: JS-DevTools/npm-publish@v1
+        uses: JS-DevTools/npm-publish@v2.2.1
         if: ${{ steps.export-installation.conclusion == 'success'  }}
         with:
           token: ${{ secrets.NPM_TOKEN }}
@@ -114,7 +114,7 @@ jobs:
         working-directory: ./packages/contentstack-import
         run: npm install
       - name: Publishing import
-        uses: JS-DevTools/npm-publish@v1
+        uses: JS-DevTools/npm-publish@v2.2.1
         if: ${{ steps.import-installation.conclusion == 'success'  }}
         with:
           token: ${{ secrets.NPM_TOKEN }}
@@ -125,7 +125,7 @@ jobs:
         working-directory: ./packages/contentstack-clone
         run: npm install
       - name: Publishing clone
-        uses: JS-DevTools/npm-publish@v1
+        uses: JS-DevTools/npm-publish@v2.2.1
         if: ${{ steps.clone-installation.conclusion == 'success'  }}
         with:
           token: ${{ secrets.NPM_TOKEN }}
@@ -136,7 +136,7 @@ jobs:
         working-directory: ./packages/contentstack-export-to-csv
         run: npm install
       - name: Publishing export to csv
-        uses: JS-DevTools/npm-publish@v1
+        uses: JS-DevTools/npm-publish@v2.2.1
         if: ${{ steps.export-to-csv-installation.conclusion == 'success'  }}
         with:
           token: ${{ secrets.NPM_TOKEN }}
@@ -147,7 +147,7 @@ jobs:
         working-directory: ./packages/contentstack-migrate-rte
         run: npm install
       - name: Publishing migrate rte
-        uses: JS-DevTools/npm-publish@v1
+        uses: JS-DevTools/npm-publish@v2.2.1
         if: ${{ steps.migrate-rte-installation.conclusion == 'success'  }}
         with:
           token: ${{ secrets.NPM_TOKEN }}
@@ -158,7 +158,7 @@ jobs:
         working-directory: ./packages/contentstack-migration
         run: npm install
       - name: Publishing migration
-        uses: JS-DevTools/npm-publish@v1
+        uses: JS-DevTools/npm-publish@v2.2.1
         if: ${{ steps.migration-installation.conclusion == 'success'  }}
         with:
           token: ${{ secrets.NPM_TOKEN }}
@@ -173,7 +173,7 @@ jobs:
         working-directory: ./packages/contentstack-seed
         run: npm run prepack
       - name: Publishing seed
-        uses: JS-DevTools/npm-publish@v1
+        uses: JS-DevTools/npm-publish@v2.2.1
         if: ${{ steps.seed-installation.conclusion == 'success'  }}
         with:
           token: ${{ secrets.NPM_TOKEN }}
@@ -188,7 +188,7 @@ jobs:
         working-directory: ./packages/contentstack-bootstrap
         run: npm run prepack
       - name: Publishing bootstrap
-        uses: JS-DevTools/npm-publish@v1
+        uses: JS-DevTools/npm-publish@v2.2.1
         if: ${{ steps.bootstrap-installation.conclusion == 'success'  }}
         with:
           token: ${{ secrets.NPM_TOKEN }}
@@ -199,7 +199,7 @@ jobs:
         working-directory: ./packages/contentstack-bulk-publish
         run: npm install
       - name: Publishing bulk publish
-        uses: JS-DevTools/npm-publish@v1
+        uses: JS-DevTools/npm-publish@v2.2.1
         if: ${{ steps.bulk-publish-installation.conclusion == 'success'  }}
         with:
           token: ${{ secrets.NPM_TOKEN }}
@@ -214,7 +214,7 @@ jobs:
         working-directory: ./packages/contentstack-launch
         run: npm run prepack
       - name: Publishing launch
-        uses: JS-DevTools/npm-publish@v1
+        uses: JS-DevTools/npm-publish@v2.2.1
         if: ${{ steps.launch-installation.conclusion == 'success'  }}
         with:
           token: ${{ secrets.NPM_TOKEN }}
@@ -230,7 +230,7 @@ jobs:
         working-directory: ./packages/contentstack-branches
         run: npm run prepack
       - name: Publishing branches
-        uses: JS-DevTools/npm-publish@v1
+        uses: JS-DevTools/npm-publish@v2.2.1
         if: ${{ steps.branches-installation.conclusion == 'success'  }}
         with:
           token: ${{ secrets.NPM_TOKEN }}
@@ -243,25 +243,20 @@ jobs:
         run: npm install
       - name: Publishing core
         id: publish-core
-        uses: JS-DevTools/npm-publish@v1
+        uses: JS-DevTools/npm-publish@v2.2.1
         if: ${{ steps.core-installation.conclusion == 'success'  }}
         with:
           token: ${{ secrets.NPM_TOKEN }}
           package: ./packages/contentstack/package.json
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v3.5.3
         with:
           ref: 'prod-qa-pipeline'
       - run: echo ${{ steps.publish-core.outputs.version  }} > version.md
       - uses: EndBug/add-and-commit@v9
         with:
           message: 'Released version'
       - name: Create Release
-        uses: actions/create-release@v1
         id: create_release
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        with:
-          tag_name: v${{ steps.publish-core.outputs.version }}
-          release_name: Release ${{ steps.publish-core.outputs.version }}
-          draft: false # Default value, but nice to set explicitly
-          prerelease: false # Default value, but nice to set explicitly
+        run: gh release create v${{ steps.publish-core.outputs.version }} --title "Release ${{ steps.publish-core.outputs.version }}" --generate-notes

.github/workflows/sast-scan.yml

@@ -6,6 +6,6 @@ jobs:
   security:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v3.5.3
       - name: Horusec Scan
         run: docker run -v /var/run/docker.sock:/var/run/docker.sock -v $(pwd):/src horuszup/horusec-cli:latest horusec start -p /src -P $(pwd)

.github/workflows/sca-scan.yml

@@ -10,8 +10,8 @@ jobs:
       - uses: pnpm/action-setup@v2
         with:
           version: 7
-      - name: Use Node.js 16.x
-        uses: actions/setup-node@v3
+      - name: Use Node.js 18.x
+        uses: actions/setup-node@v3.7.0
         with:
           node-version: '18.x'
           cache: 'pnpm'